@distributionos/cli 0.1.0

package/src/cli.js

@@ -0,0 +1,487 @@
+import { CLI_LOCAL_VERSION, DEFAULT_API_BASE } from './constants.js';
+import {
+  ensureAnalyticsSite,
+  reportImplementation,
+  resolveAuthToken,
+  verifyAnalyticsInstall,
+} from './api.js';
+import { loginWithOAuth } from './oauth.js';
+import { createSetupPlan, formatPlanText } from './plan.js';
+import { applySetupPlan } from './mutate.js';
+import { submitInitialization } from './initialization.js';
+import { compareValidationResults, inspectInstallArtifacts, runValidationPlan } from './validation.js';
+
+export async function runCli(argv, runtime) {
+  const stdout = runtime.stdout;
+  const stderr = runtime.stderr;
+  let args;
+  try {
+    args = parseArgs(argv.slice(2));
+  } catch (error) {
+    stderr.write(`${error instanceof Error ? error.message : 'Invalid arguments'}\n\n`);
+    stderr.write(helpText());
+    return 1;
+  }
+
+  if (args.version) {
+    stdout.write(`${CLI_LOCAL_VERSION}\n`);
+    return 0;
+  }
+
+  if (args.help || !args.command) {
+    stdout.write(helpText());
+    return 0;
+  }
+
+  if (args.command === 'login') {
+    if (!args.appId) {
+      stderr.write('Missing required --app <appId>.\n\n');
+      stderr.write(helpText());
+      return 1;
+    }
+
+    try {
+      const credential = await loginWithOAuth({
+        appId: args.appId,
+        apiBase: args.apiBase ?? DEFAULT_API_BASE,
+        env: runtime.env,
+        fetch: runtime.fetch,
+        stdout,
+        openBrowser: !args.noOpen,
+      });
+      stdout.write(`DistributionOS OAuth connected. Access token expires ${credential.expiresAt}.\n`);
+      return 0;
+    } catch (error) {
+      stderr.write(`${error instanceof Error ? error.message : 'OAuth login failed'}\n`);
+      return 1;
+    }
+  }
+
+  if (args.command === 'verify') {
+    if (!args.appId) {
+      stderr.write('Missing required --app <appId>.\n\n');
+      stderr.write(helpText());
+      return 1;
+    }
+    if (!args.url) {
+      stderr.write('Missing required --url <liveUrl>.\n\n');
+      stderr.write(helpText());
+      return 1;
+    }
+
+    const authReady = await ensureCliAuth({ args, runtime, stderr });
+    if (!authReady) return 1;
+
+    try {
+      const result = await verifyAnalyticsInstall({
+        appId: args.appId,
+        apiBase: args.apiBase ?? DEFAULT_API_BASE,
+        env: runtime.env,
+        fetch: runtime.fetch,
+        url: args.url,
+        expectedContentId: args.contentId,
+        contractVersion: args.contractVersion,
+      });
+      stdout.write(args.json ? `${JSON.stringify(result, null, 2)}\n` : formatVerifyResult(result));
+      return 0;
+    } catch (error) {
+      stderr.write(`${error instanceof Error ? error.message : 'Analytics verification failed'}\n`);
+      return 1;
+    }
+  }
+
+  if (args.command === 'report-implementation') {
+    if (!args.appId) {
+      stderr.write('Missing required --app <appId>.\n\n');
+      stderr.write(helpText());
+      return 1;
+    }
+    if (!args.artifactId) {
+      stderr.write('Missing required --artifact <artifactId>.\n\n');
+      stderr.write(helpText());
+      return 1;
+    }
+
+    const authReady = await ensureCliAuth({ args, runtime, stderr });
+    if (!authReady) return 1;
+
+    try {
+      const result = await reportImplementation({
+        appId: args.appId,
+        artifactId: args.artifactId,
+        apiBase: args.apiBase ?? DEFAULT_API_BASE,
+        env: runtime.env,
+        fetch: runtime.fetch,
+        payload: buildImplementationReportPayload(args),
+      });
+      stdout.write(args.json ? `${JSON.stringify(result, null, 2)}\n` : formatReportResult(result));
+      return 0;
+    } catch (error) {
+      stderr.write(`${error instanceof Error ? error.message : 'Implementation report failed'}\n`);
+      return 1;
+    }
+  }
+
+  if (args.command !== 'setup') {
+    stderr.write(`Unknown command: ${args.command}\n\n`);
+    stderr.write(helpText());
+    return 1;
+  }
+
+  if (!args.appId) {
+    stderr.write('Missing required --app <appId>.\n\n');
+    stderr.write(helpText());
+    return 1;
+  }
+
+  if (!args.noFetch) {
+    const authReady = await ensureCliAuth({ args, runtime, stderr });
+    if (!authReady) return 1;
+  }
+
+  let plan = await createSetupPlan({
+    appId: args.appId,
+    cwd: args.cwd ?? runtime.cwd,
+    apiBase: args.apiBase ?? DEFAULT_API_BASE,
+    env: runtime.env,
+    fetch: runtime.fetch,
+    noFetch: args.noFetch,
+    apply: args.apply,
+  });
+
+  if (!args.apply && !args.yes) {
+    stdout.write(args.json ? `${JSON.stringify(plan, null, 2)}\n` : formatPlanText(plan));
+    if (args.json) return 0;
+    const confirmed = await promptForApply(runtime, stdout);
+    if (!confirmed) return 0;
+    args.apply = true;
+  }
+
+  if (args.yes) {
+    args.apply = true;
+  }
+
+  if (args.apply && plan.repo.git.dirty && !args.allowDirty) {
+    stderr.write('Refusing to apply changes to a dirty worktree. Commit/stash changes or pass --allow-dirty.\n');
+    return 1;
+  }
+
+  if (args.apply && !args.skipAnalytics) {
+    const ensured = await ensureAnalyticsSite({
+      appId: args.appId,
+      apiBase: args.apiBase ?? DEFAULT_API_BASE,
+      env: runtime.env,
+      fetch: runtime.fetch,
+      domain: args.domain,
+      ownerVisitExclusionEnabled: true,
+    });
+    if (ensured.status === 'failed') {
+      stderr.write(`Analytics tracker setup skipped: ${ensured.error}\n`);
+    }
+  }
+
+  plan = await createSetupPlan({
+    appId: args.appId,
+    cwd: args.cwd ?? runtime.cwd,
+    apiBase: args.apiBase ?? DEFAULT_API_BASE,
+    env: runtime.env,
+    fetch: runtime.fetch,
+    noFetch: args.noFetch,
+    apply: args.apply,
+  });
+
+  if (!args.apply) {
+    stdout.write(args.json ? `${JSON.stringify(plan, null, 2)}\n` : formatPlanText(plan));
+    return 0;
+  }
+
+  try {
+    const baselineValidation = args.skipValidate ? [] : await runValidationPlan(plan);
+    const changes = await applySetupPlan(plan, {
+      allowDirty: args.allowDirty,
+      skipAnalytics: args.skipAnalytics,
+    });
+    const postValidation = args.skipValidate ? [] : await runValidationPlan(plan);
+    const validation = compareValidationResults(baselineValidation, postValidation);
+    const inspection = args.skipAnalytics ? [] : await inspectInstallArtifacts(plan);
+    const token = await resolveAuthToken({
+      env: runtime.env,
+      apiBase: args.apiBase ?? DEFAULT_API_BASE,
+      appId: args.appId,
+      fetchImpl: runtime.fetch,
+    });
+    const initialization = token
+      ? await submitInitialization({
+        plan,
+        token: token.value,
+        apiBase: args.apiBase ?? DEFAULT_API_BASE,
+        fetchImpl: runtime.fetch,
+        domain: args.domain,
+      })
+      : null;
+
+    stdout.write(args.json
+      ? `${JSON.stringify({ plan, changes, initialization, validation, inspection }, null, 2)}\n`
+      : formatApplyResult(plan, changes, initialization, validation, inspection, args.skipValidate));
+    return hasBlockingApplyFailure(validation, inspection) ? 1 : 0;
+  } catch (error) {
+    stderr.write(`${error instanceof Error ? error.message : 'Setup apply failed'}\n`);
+    return 1;
+  }
+}
+
+function hasBlockingApplyFailure(validation, inspection) {
+  return validation.some((result) => result.introducedFailure) ||
+    inspection.some((result) => result.status === 'failed');
+}
+
+export function parseArgs(rawArgs) {
+  const parsed = {
+    command: null,
+    appId: null,
+    cwd: null,
+    apiBase: null,
+    domain: null,
+    json: false,
+    noFetch: false,
+    apply: false,
+    allowDirty: false,
+    skipAnalytics: false,
+    skipValidate: false,
+    noOpen: false,
+    noLogin: false,
+    yes: false,
+    url: null,
+    contentId: null,
+    contractVersion: null,
+    artifactId: null,
+    status: null,
+    summary: null,
+    analyticsOptOutReason: null,
+    help: false,
+    version: false,
+  };
+
+  const args = [...rawArgs];
+  if (args[0] === '--help' || args[0] === '-h') {
+    parsed.help = true;
+    args.shift();
+  } else if (args[0] === '--version' || args[0] === '-v') {
+    parsed.version = true;
+    args.shift();
+  } else {
+    parsed.command = args.shift() ?? null;
+  }
+
+  for (let index = 0; index < args.length; index += 1) {
+    const arg = args[index];
+    if (arg === '--help' || arg === '-h') parsed.help = true;
+    else if (arg === '--version' || arg === '-v') parsed.version = true;
+    else if (arg === '--json') parsed.json = true;
+    else if (arg === '--no-fetch') parsed.noFetch = true;
+    else if (arg === '--apply') parsed.apply = true;
+    else if (arg === '--allow-dirty') parsed.allowDirty = true;
+    else if (arg === '--skip-analytics') parsed.skipAnalytics = true;
+    else if (arg === '--skip-validate') parsed.skipValidate = true;
+    else if (arg === '--no-open') parsed.noOpen = true;
+    else if (arg === '--no-login') parsed.noLogin = true;
+    else if (arg === '--yes' || arg === '-y') parsed.yes = true;
+    else if (arg === '--app') parsed.appId = args[++index] ?? null;
+    else if (arg.startsWith('--app=')) parsed.appId = arg.slice('--app='.length);
+    else if (arg === '--cwd') parsed.cwd = args[++index] ?? null;
+    else if (arg.startsWith('--cwd=')) parsed.cwd = arg.slice('--cwd='.length);
+    else if (arg === '--api-base') parsed.apiBase = args[++index] ?? null;
+    else if (arg.startsWith('--api-base=')) parsed.apiBase = arg.slice('--api-base='.length);
+    else if (arg === '--domain') parsed.domain = args[++index] ?? null;
+    else if (arg.startsWith('--domain=')) parsed.domain = arg.slice('--domain='.length);
+    else if (arg === '--url') parsed.url = args[++index] ?? null;
+    else if (arg.startsWith('--url=')) parsed.url = arg.slice('--url='.length);
+    else if (arg === '--content-id') parsed.contentId = args[++index] ?? null;
+    else if (arg.startsWith('--content-id=')) parsed.contentId = arg.slice('--content-id='.length);
+    else if (arg === '--contract-version') parsed.contractVersion = args[++index] ?? null;
+    else if (arg.startsWith('--contract-version=')) parsed.contractVersion = arg.slice('--contract-version='.length);
+    else if (arg === '--artifact') parsed.artifactId = args[++index] ?? null;
+    else if (arg.startsWith('--artifact=')) parsed.artifactId = arg.slice('--artifact='.length);
+    else if (arg === '--status') parsed.status = args[++index] ?? null;
+    else if (arg.startsWith('--status=')) parsed.status = arg.slice('--status='.length);
+    else if (arg === '--summary') parsed.summary = args[++index] ?? null;
+    else if (arg.startsWith('--summary=')) parsed.summary = arg.slice('--summary='.length);
+    else if (arg === '--analytics-opt-out') parsed.analyticsOptOutReason = args[++index] ?? null;
+    else if (arg.startsWith('--analytics-opt-out=')) parsed.analyticsOptOutReason = arg.slice('--analytics-opt-out='.length);
+    else throw new Error(`Unknown argument: ${arg}`);
+  }
+
+  return parsed;
+}
+
+function helpText() {
+  return [
+    'DistributionOS CLI',
+    '',
+    'Usage:',
+    '  distributionos setup --app <appId> [--api-base <url>] [--cwd <path>] [--json] [--no-fetch]',
+    '  distributionos setup --app <appId> --apply [--domain <domain>] [--allow-dirty]',
+    '  distributionos login --app <appId> [--api-base <url>]',
+    '  distributionos verify --app <appId> --url <liveUrl> [--content-id <id>]',
+    '  distributionos report-implementation --app <appId> --artifact <artifactId> [--url <liveUrl>] [--summary <text>]',
+    '',
+    'Default mode prints a dry-run plan. Interactive terminals can confirm the plan before mutation; non-interactive runs need --apply or --yes.',
+    '',
+    'Authentication:',
+    '  Happy path uses DistributionOS MCP OAuth and stores app-scoped credentials outside the repo.',
+    '  DISTRIBUTIONOS_API_KEY, DOS_API_KEY, or DISTRIBUTIONOS_TOKEN are advanced fallbacks.',
+    '  Tokens are never printed or written to committed files.',
+    '',
+  ].join('\n');
+}
+
+async function ensureCliAuth({ args, runtime, stderr }) {
+  const existingToken = await resolveAuthToken({
+    env: runtime.env,
+    apiBase: args.apiBase ?? DEFAULT_API_BASE,
+    appId: args.appId,
+    fetchImpl: runtime.fetch,
+  });
+  if (existingToken || args.noLogin) return true;
+
+  try {
+    await loginWithOAuth({
+      appId: args.appId,
+      apiBase: args.apiBase ?? DEFAULT_API_BASE,
+      env: runtime.env,
+      fetch: runtime.fetch,
+      stdout: runtime.stdout,
+      openBrowser: !args.noOpen,
+    });
+    return true;
+  } catch (error) {
+    stderr.write(`${error instanceof Error ? error.message : 'OAuth login failed'}\n`);
+    return false;
+  }
+}
+
+async function promptForApply(runtime, stdout) {
+  const stdin = runtime.stdin;
+  const isInteractive =
+    Boolean(stdin?.isTTY) &&
+    Boolean(runtime.stdout?.isTTY) &&
+    typeof stdin.once === 'function' &&
+    typeof stdin.resume === 'function';
+
+  if (!isInteractive) return false;
+
+  stdout.write('\nApply this plan now? Type yes to continue: ');
+  const answer = await new Promise((resolve) => {
+    stdin.once('data', (chunk) => resolve(String(chunk)));
+    stdin.resume();
+  });
+  return answer.trim().toLowerCase() === 'yes';
+}
+
+function buildImplementationReportPayload(args) {
+  return {
+    ...(args.url ? { publishedUrl: args.url } : {}),
+    status: args.status ?? 'live',
+    ...(args.contentId ? { analyticsIds: { dosContentId: args.contentId } } : {}),
+    ...(args.analyticsOptOutReason ? { analyticsOptOutReason: args.analyticsOptOutReason } : {}),
+    metadata: {
+      reportedBy: 'distributionos-cli',
+      ...(args.summary ? { summary: args.summary } : {}),
+    },
+  };
+}
+
+function formatVerifyResult(result) {
+  const lines = [
+    'DistributionOS analytics verification',
+    `- Status: ${result.status ?? 'unknown'}`,
+    `- URL: ${result.checkedUrl ?? 'unknown'}`,
+    `- Tracking state: ${result.trackingStatus?.state ?? result.trackingStatus?.status ?? 'unknown'}`,
+    '',
+    'Checks',
+  ];
+
+  for (const [key, value] of Object.entries(result.checks ?? {})) {
+    lines.push(`- ${key}: ${value ? 'yes' : 'no'}`);
+  }
+
+  if (Array.isArray(result.notes) && result.notes.length > 0) {
+    lines.push('', 'Notes', ...result.notes.map((note) => `- ${note}`));
+  }
+
+  return `${lines.join('\n')}\n`;
+}
+
+function formatReportResult(result) {
+  const artifact = result.artifact ?? result;
+  const lines = [
+    'DistributionOS implementation report',
+    `- Status: ${artifact.status ?? result.status ?? 'submitted'}`,
+    `- Artifact: ${artifact.id ?? result.id ?? 'updated'}`,
+  ];
+  if (artifact.publishedUrl ?? result.publishedUrl) {
+    lines.push(`- Published URL: ${artifact.publishedUrl ?? result.publishedUrl}`);
+  }
+  const followUp = artifact.implementationFollowUp ?? result.implementationFollowUp;
+  if (followUp?.googleSearchConsoleInspectionUrl) {
+    lines.push(`- Search Console inspection: ${followUp.googleSearchConsoleInspectionUrl}`);
+  }
+  return `${lines.join('\n')}\n`;
+}
+
+function formatApplyResult(plan, changes, initialization, validation, inspection, skipValidate) {
+  const lines = [
+    formatPlanText({ ...plan, mode: 'apply' }).trimEnd(),
+    '',
+    'Applied changes',
+  ];
+
+  if (changes.length === 0) {
+    lines.push('- No file changes were needed.');
+  } else {
+    for (const change of changes) {
+      lines.push(change.changed
+        ? `- ${change.type}: ${change.action} ${change.file}`
+        : `- ${change.type}: ${change.reason}`);
+    }
+  }
+
+  lines.push(initialization?.reviewUrl
+    ? `- Initialization submitted. Review URL: ${initialization.reviewUrl}`
+    : '- Initialization was not submitted because no auth token was available.');
+
+  lines.push('', 'Validation');
+  if (skipValidate) {
+    lines.push('- Skipped by --skip-validate.');
+  } else if (!validation.length) {
+    lines.push('- No build/test/lint commands were detected.');
+  } else {
+    for (const result of validation) {
+      const status = result.exitCode === 0
+        ? 'passed'
+        : result.introducedFailure
+          ? 'failed after CLI changes'
+          : result.preExistingFailure
+            ? 'failed before CLI changes too'
+            : 'failed';
+      lines.push(`- ${result.name}: ${status} (${result.command})`);
+      if (result.exitCode !== 0 && (result.stderr || result.stdout)) {
+        lines.push(`  Last output: ${oneLine(result.stderr || result.stdout)}`);
+      }
+    }
+  }
+  lines.push('', 'Install inspection');
+  if (!inspection.length) {
+    lines.push('- No install artifacts needed inspection.');
+  } else {
+    for (const result of inspection) {
+      lines.push(`- ${result.name}: ${result.status} - ${result.message}`);
+    }
+  }
+  lines.push('- Nothing was committed, pushed, or deployed.');
+  return `${lines.join('\n')}\n`;
+}
+
+function oneLine(value) {
+  return String(value).split(/\r?\n/).filter(Boolean).slice(-1)[0]?.slice(0, 240) ?? '';
+}

package/src/constants.js

@@ -0,0 +1,60 @@
+export const CLI_PACKAGE_NAME = '@distributionos/cli';
+export const CLI_LOCAL_VERSION = '0.0.0-local';
+export const DEFAULT_API_BASE = 'https://distributionos.dev';
+export const MCP_SERVER_URL = 'https://distributionos.dev/api/mcp';
+export const CURRENT_BOOTSTRAP_VERSION = '2026.06.13';
+export const CURRENT_ANALYTICS_CONTRACT_VERSION = '2026.06.13';
+
+export const TOKEN_ENV_NAMES = [
+  'DISTRIBUTIONOS_API_KEY',
+  'DOS_API_KEY',
+  'DISTRIBUTIONOS_TOKEN',
+];
+
+export const PUBLIC_ROUTE_PATTERNS = [
+  '/',
+  '/blog/**',
+  '/articles/**',
+  '/posts/**',
+  '/docs/**',
+  '/guides/**',
+  '/resources/**',
+  '/pricing/**',
+  '/features/**',
+  '/use-cases/**',
+  '/case-studies/**',
+  '/about/**',
+  '/contact/**',
+  '/changelog/**',
+];
+
+export const PRIVATE_ROUTE_PATTERNS = [
+  '/dashboard/**',
+  '/account/**',
+  '/billing/**',
+  '/settings/**',
+  '/auth/**',
+  '/login/**',
+  '/signup/**',
+  '/admin/**',
+  '/api/**',
+  '/app/**',
+  '/apps/**',
+  '/product/**',
+  '/products/**',
+  '/project/**',
+  '/projects/**',
+  '/workspace/**',
+  '/workspaces/**',
+  '/customer/**',
+  '/customers/**',
+  '/client/**',
+  '/clients/**',
+  '/user/**',
+  '/users/**',
+  '/redirect/**',
+  '/go/**',
+  '/out/**',
+  '/checkout/**',
+  '/portal/**',
+];